Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=darcz.uk
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 23, 2026
Valid Until
April 23, 2026
85 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
BB:01:96:B3:BD:11:8B:14:92:42:F2:6D:4D:9C:12:B6:8C:BA:E8:C7:FA:B6:02:8B:07:D6:D3:DA:A0:B8:96:1E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
vabaa.org.au
woman.agriweather.online
alinogo.org
alsiraat.ai
www.ambreon.com
app.atios.ch
aurorabiz.co
autorepuestosc4.com
www.baseball-connections.com
beerbellyops.com
signature.befleetly.com
bekahukuk.com
auth.bisikbox.com
bondandbond.co.nz
brytwd.com
www.bt-wedding.eu
www.cahane.co.uk
pocket-regi.coffee-break-designs.com
aktasogluinsaat.com.tr
www.coursewagon.live
darcz.uk
v4.beta.exchange.dexkit.com
eaglearabia.com
www.eaglearabia.com
test.elab.pk
familiar-admin.evisjap.co.jp
www.fazeli.dev
flowerfreshcleaners.com
a0eu.foodle.su
fyreadvertising.com
training-center.gardez-votre-permis.fr
gethugeapp.com
gmaingcity.com
gnvloveslocal.org
goog.men
guitarlessonsyork.co.uk
admin.h-backoffice.com
wa.hemisphere.digital
www.ima.ai
interestcharge.com.au
admins.js.eco
justinemackay.com
crm.keoworld.com
staging.kivee.app
kooltank.ca
krakelabsindia.com
landover.io
utpoanas.lapieza.io
wtlmd-app.lims-plus.us
manselva.lt
www.mathieuvacance.com
app.melutec.de
bll-apply-staging.money-phone.com
poteligeo.mtxgrp.com
www.munnorkprivateisland.com
myallergy.app
mysuigeneris.com
www.nickellsworth.net
www.nomadscouts.com
app.nvelwraith.com
oncpatient.org
dashboard-preprod.overlap-factory.com
panzeri.rocks
app.pappyon.com
schmidt.pension-luckau.de
pixelsandform.com
pkpartner.pl
app.plan-fritz.de
postbacksapp.com
praiseyou.online
pv2-canje-digital.prestavale.mx
account.prestoexpress.co.uk
invite.puml.io
recal.ly
renginiuasai.lt
renovaclinic.in
seniv.studio
www.link.test.shoofti.com
www.suddenpeak.com
sudokuonline.pw
pancaran-virtual-assessment.talentlytica.com
www.tbint.org
thehopeit.store
pirone.thetislive.com
www.tmsc.ai
user.trashbackindia.com
design-grant.trustedaccountant.nl
twentyonepilots.wiki
bestellen.urfa-nordhorn.de
onboarding.viadee.de
instedpatient-dev-feedback.vicenna.com
vywap.com
app.lab.watdrinkje.be
webflame.co.uk
matt.wkt.wiki
ci.woovapp.com
wt-navi.com
yassermorad.com
ylvaclasson.se
koi.zabaat.com
Other domains in certificate